Merge pull request #4831 from unclejack/final_bump_v0.9.1v0.9.1release-0.9hotfix-0.9.2

Bump to version 0.9.1

7 files changed, 52 insertions, 18 deletions

diff --git a/pkg/libcontainer/apparmor/setup.go b/pkg/libcontainer/apparmor/setup.go
index e07759cc64..4e1c95143a 100644
--- a/pkg/libcontainer/apparmor/setup.go
+++ b/pkg/libcontainer/apparmor/setup.go
@@ -5,6 +5,7 @@ import (
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"path"
 )
 
 const DefaultProfilePath = "/etc/apparmor.d/docker"
@@ -85,6 +86,11 @@ func InstallDefaultProfile() error {
 		return nil
 	}
 
+	// Make sure /etc/apparmor.d exists
+	if err := os.MkdirAll(path.Dir(DefaultProfilePath), 0755); err != nil {
+		return err
+	}
+
 	if err := ioutil.WriteFile(DefaultProfilePath, []byte(DefaultProfile), 0644); err != nil {
 		return err
 	}
diff --git a/pkg/libcontainer/network/loopback.go b/pkg/libcontainer/network/loopback.go
new file mode 100644
index 0000000000..6215061dc2
--- /dev/null
+++ b/pkg/libcontainer/network/loopback.go
@@ -0,0 +1,24 @@
+package network
+
+import (
+	"fmt"
+	"github.com/dotcloud/docker/pkg/libcontainer"
+)
+
+// Loopback is a network strategy that provides a basic loopback device
+type Loopback struct {
+}
+
+func (l *Loopback) Create(n *libcontainer.Network, nspid int, context libcontainer.Context) error {
+	return nil
+}
+
+func (l *Loopback) Initialize(config *libcontainer.Network, context libcontainer.Context) error {
+	if err := SetMtu("lo", config.Mtu); err != nil {
+		return fmt.Errorf("set lo mtu to %d %s", config.Mtu, err)
+	}
+	if err := InterfaceUp("lo"); err != nil {
+		return fmt.Errorf("lo up %s", err)
+	}
+	return nil
+}
diff --git a/pkg/libcontainer/network/strategy.go b/pkg/libcontainer/network/strategy.go
index 234fcc0aa2..693790d280 100644
--- a/pkg/libcontainer/network/strategy.go
+++ b/pkg/libcontainer/network/strategy.go
@@ -10,7 +10,8 @@ var (
 )
 
 var strategies = map[string]NetworkStrategy{
-	"veth": &Veth{},
+	"veth":     &Veth{},
+	"loopback": &Loopback{},
 }
 
 // NetworkStrategy represents a specific network configuration for
diff --git a/pkg/libcontainer/network/veth.go b/pkg/libcontainer/network/veth.go
index 3ab1b2393b..3df0cd61ee 100644
--- a/pkg/libcontainer/network/veth.go
+++ b/pkg/libcontainer/network/veth.go
@@ -68,12 +68,6 @@ func (v *Veth) Initialize(config *libcontainer.Network, context libcontainer.Con
 	if err := InterfaceUp("eth0"); err != nil {
 		return fmt.Errorf("eth0 up %s", err)
 	}
-	if err := SetMtu("lo", config.Mtu); err != nil {
-		return fmt.Errorf("set lo mtu to %d %s", config.Mtu, err)
-	}
-	if err := InterfaceUp("lo"); err != nil {
-		return fmt.Errorf("lo up %s", err)
-	}
 	if config.Gateway != "" {
 		if err := SetDefaultGateway(config.Gateway); err != nil {
 			return fmt.Errorf("set gateway to %s %s", config.Gateway, err)
diff --git a/pkg/libcontainer/nsinit/execin.go b/pkg/libcontainer/nsinit/execin.go
index 488fe0e248..628854ff32 100644
--- a/pkg/libcontainer/nsinit/execin.go
+++ b/pkg/libcontainer/nsinit/execin.go
@@ -14,9 +14,12 @@ import (
 
 // ExecIn uses an existing pid and joins the pid's namespaces with the new command.
 func (ns *linuxNs) ExecIn(container *libcontainer.Container, nspid int, args []string) (int, error) {
-	for _, ns := range container.Namespaces {
-		if err := system.Unshare(ns.Value); err != nil {
-			return -1, err
+	for _, nsv := range container.Namespaces {
+		// skip the PID namespace on unshare because it it not supported
+		if nsv.Key != "NEWPID" {
+			if err := system.Unshare(nsv.Value); err != nil {
+				return -1, err
+			}
 		}
 	}
 	fds, err := ns.getNsFds(nspid, container)
diff --git a/pkg/libcontainer/nsinit/init.go b/pkg/libcontainer/nsinit/init.go
index 336fc1eaaf..09f85e2141 100644
--- a/pkg/libcontainer/nsinit/init.go
+++ b/pkg/libcontainer/nsinit/init.go
@@ -48,7 +48,9 @@ func (ns *linuxNs) Init(container *libcontainer.Container, uncleanRootfs, consol
 			return fmt.Errorf("setctty %s", err)
 		}
 	}
-	if err := system.ParentDeathSignal(); err != nil {
+	// this is our best effort to let the process know that the parent has died and that it
+	// should it should act on it how it sees fit
+	if err := system.ParentDeathSignal(uintptr(syscall.SIGTERM)); err != nil {
 		return fmt.Errorf("parent death signal %s", err)
 	}
 	if err := setupNewMountNamespace(rootfs, console, container.ReadonlyFs, container.NoPivotRoot); err != nil {
@@ -124,7 +126,11 @@ func setupNetwork(container *libcontainer.Container, context libcontainer.Contex
 		if err != nil {
 			return err
 		}
-		return strategy.Initialize(config, context)
+
+		err1 := strategy.Initialize(config, context)
+		if err1 != nil {
+			return err1
+		}
 	}
 	return nil
 }
diff --git a/pkg/libcontainer/nsinit/mount.go b/pkg/libcontainer/nsinit/mount.go
index 83577cfa8c..072188ecd8 100644
--- a/pkg/libcontainer/nsinit/mount.go
+++ b/pkg/libcontainer/nsinit/mount.go
@@ -46,10 +46,8 @@ func setupNewMountNamespace(rootfs, console string, readonly, noPivotRoot bool)
 	if err := setupDev(rootfs); err != nil {
 		return err
 	}
-	if console != "" {
-		if err := setupPtmx(rootfs, console); err != nil {
-			return err
-		}
+	if err := setupPtmx(rootfs, console); err != nil {
+		return err
 	}
 	if err := system.Chdir(rootfs); err != nil {
 		return fmt.Errorf("chdir into %s %s", rootfs, err)
@@ -245,8 +243,10 @@ func setupPtmx(rootfs, console string) error {
 	if err := os.Symlink("pts/ptmx", ptmx); err != nil {
 		return fmt.Errorf("symlink dev ptmx %s", err)
 	}
-	if err := setupConsole(rootfs, console); err != nil {
-		return err
+	if console != "" {
+		if err := setupConsole(rootfs, console); err != nil {
+			return err
+		}
 	}
 	return nil
 }